2. THIS IS
• Purely academic debate. Do not read otherwise
• No room for discussion, but for arguments.
• My opinion on a deck and your opinion as voice
• Abuse of English
• Based on evidence ?
• Fact vs Fiction
• Cyber Crime Business Models
• Budget Meeting
3. ME
• I am Uday
• I work as a pen tester
• Currently into Data Analysis & Machine Learning Learning
• Yawn, Steam, Argue, Debate, Learn
• Big Data can change the world or solve some problems.
• Big data for hacking ? People are really doing that.
• Alejandro Caceres http://www.hyperiongray.com/
4. BEFORE WE START, PLEASE BE ASSURED
• All my words are an outcome of months of research
• We are always assured
• “The president of India would be visiting Hyderabad
tomorrow” and I have this information from an impeccable
source from the president’s staff at Rastrapathi Bhavan
5. HOW DOES ASSURANCE WORK ?
• Authoritative speech powerful enough to make me believe
that men are from mars and aliens are from earth
• When assured, there is no question left to ask
6. ASSURANCE & CYBER WAR
• Are we being assured that Cyber War is in progress ?
• Audience: What is Cyber War ?
• Audience: What is Cyber Crime ?
• Espionage vs Cyber War vs Cyber Crime ?
• Your responses are invaluable!
7. WHO HAS DEFINED CYBER WAR
• International Laws are still WIP
• Has EU or US declared definitions ? The answer is no.
• What has been taken into account to call this as a war ?
9. WHATEVER HAPPENS ONLINE WITH US
• Is not cyber war
• Is not Cyber Terrorism
• Could be Cyber Bullying
• Could be violation of privacy
• Could have legal implications
• Could be cumbersome
• Affects our personal lives indirectly especially longterm
10. ENOUGH ENGLISH
• Do We have some data as evidence to argue upon ?
• Yes we do!
• Measuring Pay-per-Install: The Commoditization of Malware Distribution
• White Paper fromJuan Caballero, Chris Grier, Christian Kreibich, Vern
Paxson, Berkley
• Is this Authentic data ?
• Please be assured that this is more genuine than pure cocaine
11. CRIME AS A BUSINESS MODEL
• Can I design crime ?
• Instance: CarderPlanet.com
• PPI Model – Pay Per Install
• Exploit as a service
• Malware is the new commodity
• Better off than your shares and market
• Who the bullish ? What the bearish ?
12. SERVICE PROVIDER
• What is this PPI Market
Business
Client
• I am the bad
guy
Service • I run the show
Service
Affiliate
•Oh yeah!
Malware
13. WHAT IS THIS BUSINESS MODEL ?
• This is one observed business model that generates the
underground economy
• Offerings are highly customized
14.
15. ARTICLE A YEAR AGO
• http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_mal
ware_coder_and_botnet_operator_ama/
• IAmA a malware coder and botnet operator, AMA
• TOR + Dedicated Enhanced Service
• Stealthy really
16. MEMORY ERRORS
• Past present Future
• Corrupted Pointer, Uninitialized Pointer Access, Out of bounds
etc.
• Subversion of logic
• This is relevant even today even after 20 years
17.
18.
19.
20. SO WHAT DEFINITION IS WRONG ?
• Cyber War vs Cyber Crime
• We have never had a Cyber War yet
• This comes from the definition of traditional war
• We can have a separate debate on this
• When a conventional war follows the strategy of “Greater the
offense, Greater the defense”, Cyber War is opposite.
21. CYBER TERRORISM
• Many people are using this word already & extensively
• David Rappaport has not coined this term.
• I believe that the word “Cyber Terrorism” is completely wrong.
• You can have your view.
22. BUDGET MEETING
• $100-180 for Unique thousand installs, This is for US/UK/Europe
• $7-8 is the lowest for the same service, least popular
geography
• Rivalry in PPI
• Often difficult to validate on the installs when using two rival
PPI Providers
• Affiliates receive credit for confirmed Installs
23. CRIMEWARE KITS
• To build botnet variants
• Instance zbot
• This is not an exhaustive talk on cyber crime
• We can have a dedicated session for a deep dive on cyber
crime
• Let’s quickly see what someone from NATO has to say